package com.liao.myblog.controller.config;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.session.Session;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

@Configuration
public class ShiroConfig {

    @Bean("shiroFilterFactoryBean")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        defaultWebSecurityManager.setSessionManager(this.sessionManager());
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
//         map.put("/static/**", "anon"); //无效
        //去除对css和js的验证!!!
        map.put("/admin/dist/**", "anon");
        map.put("/blog/**", "anon");
//        map.put("/admin/dist/css/**", "anon");
//        map.put("/admin/dist/js/**", "anon");
//        map.put("/admin/dist/img/**", "anon");

        map.put("/admin/logins","anon");
        map.put("/admin/login","anon");
        map.put("/admin/kaptcha","anon");
//        map.put("/admin/**","authc");
//        map.put("/admin/index","perms[admin]");
        map.put("/admin/**","perms[admin]");
//        map.put("/admin/comment/**","perms[admin]");
//        map.put("/admin/catalogue/**","perms[admin]");
//        map.put("/admin/catalogue/**","perms[admin]");
//        map.put("/admin/catalogue/**","perms[admin]");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        shiroFilterFactoryBean.setLoginUrl("/admin/login");
        return shiroFilterFactoryBean;
    }

    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(AdminRealm adminRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(adminRealm);
        return defaultWebSecurityManager;
    }

    @Bean("sessionManager")
    public DefaultWebSessionManager sessionManager() {
        DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
            defaultWebSessionManager.setGlobalSessionTimeout(60 * 30 * 1000);
        defaultWebSessionManager.setDeleteInvalidSessions(true);
        defaultWebSessionManager.getSessionIdCookie().setName("jsid");
        defaultWebSessionManager.setSessionIdCookie(cookie());
//        defaultWebSessionManager.setSessionValidationSchedulerEnabled(true);
//        defaultWebSessionManager.setSessionIdCookieEnabled(true);
        // tomcat的JESSIONID自动生成模块
        defaultWebSessionManager.setSessionIdUrlRewritingEnabled(false);
        return defaultWebSessionManager;
    }

    @Bean
    public Cookie cookie(){
        return new SimpleCookie("jsid");
    }

    @Bean
    public AdminRealm adminRealm() {
        AdminRealm realm = new AdminRealm();
        realm.setCredentialsMatcher(hashedCredentialsMatcher());
        return realm;
    }

    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");
        matcher.setHashIterations(2);
        return matcher;
    }

}
